Search code examples
wpfclickonceappdomainfull-trust

WPF ClickOnce full trust issue (related to separate AppDomain?)


I'm working on creating a clickonce install for my application.

I have ClickOnce security settings enabled with full trust in the Security tab if the project properties. I publish to a network drive and run the install. The install is successful but when I run the application I get this error:

enter image description here

I have the Pos for .Net code running in a separate AppDomain (due to its issues with .net 4's default security policy). It runs fine on my local system without clickonce. My application uses Prism, so I had to modify the manifest to include the dynamically loaded modules. It's somehow related to my AppDomain I create not having full trust.

This is how I create the AppDomain

AppDomainSetup currentAppDomainSetup = AppDomain.CurrentDomain.SetupInformation;
AppDomainSetup newAppDomainSetup = new AppDomainSetup()
{
    ApplicationBase = currentAppDomainSetup.ApplicationBase,
    LoaderOptimization = currentAppDomainSetup.LoaderOptimization,
    ConfigurationFile = currentAppDomainSetup.ConfigurationFile,
    PrivateBinPath = @"Modules"  // need to set this so that the new AppDomain can see the prism modules
};
newAppDomainSetup.SetCompatibilitySwitches(new[] { "NetFx40_LegacySecurityPolicy" }); // required for POS for .Net to function properly
_posAppDomain = AppDomain.CreateDomain("POS Hardware AppDomain", null, newAppDomainSetup);
// Error happens on the following line. Note that type T is always in same assembly that AppDomain was created in.
    T hardware = (T)PosAppDomain.CreateInstanceFromAndUnwrap(Assembly.GetAssembly(typeof(T)).Location, typeof(T).FullName);

Is there a security setting that I'm missing?

I think I'm getting closer. The AppDomain I create runs in full trust when I run without clickonce, but when I run it with clickonce it doesn't run in full trust.... so now I'm trying to figure out how to get it in full trust.


Solution

  • Figured it out

    I had to add the Evidence and PermissionSet ...

    Evidence evidence = new Evidence();
    evidence.AddHostEvidence(new Zone(SecurityZone.MyComputer));
    PermissionSet ps = SecurityManager.GetStandardSandbox(evidence);
    AppDomainSetup currentAppDomainSetup = AppDomain.CurrentDomain.SetupInformation;
    AppDomainSetup newAppDomainSetup = new AppDomainSetup()
    {
        ApplicationBase = currentAppDomainSetup.ApplicationBase,
        LoaderOptimization = currentAppDomainSetup.LoaderOptimization,
        ConfigurationFile = currentAppDomainSetup.ConfigurationFile,
        PrivateBinPath = @"Modules"  // need to set this so that the new AppDomain can see the prism modules
    };
    newAppDomainSetup.SetCompatibilitySwitches(new[] { "NetFx40_LegacySecurityPolicy" }); // required for POS for .Net to function properly